IT Security
Identify gaps. Stay secure.
Using proven methods and experienced teams.
Carson & SAINT’s independent IT security assessment or audit will help you define a strategy to keep your information secure. We use proven methods to identify any vulnerabilities in your systems and help you keep your company compliant with industry regulations such as PCI, HIPAA, SOX, FERPA, FFIEC, FISMA, GLBA, NERC, and GDPR. And, if you store any government data, we can make sure your systems meet government (NIST) compliance standards.
Our team has decades of hands-on information security experience and is committed to being available to respond effectively to security-related issues and questions. They are PCI qualified service assessors (QSA) with degrees and certifications including CISSP and LPT.
Sound Technical Methods
Our team enforces a lifecycle approach in structuring information security programs that ensure that your organization’s most critical data is protected — safeguarding its confidentiality, integrity, and availability. Vetted over many successful engagements, our technical solutions bring together best-of-breed methodologies, technologies, and security experts to provide a holistic view of an organization’s security program.
Proven Management Approach
We employ a proven, repeatable management approach to ensure we deliver quality products that meet our customer needs – on time and within budget. Our approach is based on the program management body of knowledge (PMBOK) as an industry best practice to track each project from project inception to delivery. We use a matrix management strategy to ensure we engage the right people, with the right skills, at the right time to successfully deliver on project requirements. We use project management tools such as Microsoft Project to help guide our team throughout the process.
SECURITY ASSESSMENT
SERVICES VITAL FOR SUCCESS
Independent security assessments and audits
Vulnerability scanning and assessments
Security policy and procedures development
Security program implementation
Security training development and execution
Security operations oversight
Penetration testing
Web application scanning
Social engineering
IT security gap analysis
PCI compliance
CASE STUDY: ABT Associates
Carson & SAINT performed a system security assessment for one of ABT Associates’ federal customers. It included a system boundary analysis, system security categorization, security control assessment/testing, risk assessment, system security plan development, a security assessment report, and plan of action/milestones (POA&M). Our team also performed a gap analysis for an ABT Associates customer to determine if FISMA-required security controls were effectively implemented. We developed a system security plan, POA&M, and recommendations on how to resolve gaps in security controls that were not fully implemented.
CASE STUDY: Congressional Bank
Carson & SAINT performed a security assessment to evaluate the security posture of Congressional Bank’s LAN and outward-facing IT resources. The effort included a vulnerability assessment scan and an internal and external penetration test of the bank’s IT resources. These activities confirmed the state of the customer’s security and were used as a security attestation document artifact for their annual audit.